hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

add better-sqlite3

Browse Source
This commit is contained in:
amammad
2023-10-10 11:17:04 +02:00
parent 97c27ac11b
commit bbeb7b39d7
1 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
javascript/ql/lib/semmle/javascript/frameworks/SQL.qll
View File

@@ -297,6 +297,35 @@ private module Sqlite {
}
}
/**
* Provides classes modeling the `better-sqlite3` package.
*/
private module BetterSqlite3 {
/** Gets an expression that constructs or returns a better-sqlite3 database instance. */
API::Node database() {
result =
[
API::moduleImport("better-sqlite3").getMember("Database"),
API::moduleImport("better-sqlite3").getReturn()
]
}
/** A call to a better-sqlite3 query method. */
private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {
QueryCall() {
this = database().getMember(["exec", "prepare"]).getACall() or
this = database().getMember("exec").getReturn().getMember("prepare").getACall()
}
override DataFlow::Node getAQueryArgument() { result = this.getArgument(0) }
}
/** An expression that is passed to the `query` method and hence interpreted as SQL. */
class QueryString extends SQL::SqlString {
QueryString() { this = any(QueryCall qc).getAQueryArgument() }
}
}
/**
* Provides classes modeling the `mssql` package.
*/